Microsoft confirmed today that a nine-hour outage on Tuesday, which took down and disrupted multiple Microsoft 365 and Azure services worldwide, was triggered by a distributed denial-of-service (DDoS) attack.
Redmond says the outage impacted Microsoft Entra, some Microsoft 365 and Microsoft Purview services (including Intune, Power BI, and Power Platform), as well as Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, and the Azure portal.
The company confirmed in a mitigation statement published today that the root cause behind yesterday's outage was a DDoS attack, although it has yet to link it to a specific threat actor.
"While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack, which activated our DDoS protection mechanisms, initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it," Microsoft said.
"Once the nature of the usage spike was understood, we implemented networking configuration changes to support our DDoS protection efforts, and performed failovers to alternate networking paths to provide relief."